On Sat, 04 Jan 2020 at 15:10:42 +0100, William Gathoye (LibreOffice) wrote:
Content Security Policy: The page’s settings blocked the loading of a resource at http://fr.blog.documentfoundation.org/wp-json/jetpack/v4/rewind?_cacheBuster=1578146864121 (“connect-src”).
What's the concrete impact of blocking that resource? There are other external resources being blocked on the admin panel, but AFAICT this is just cosmetic, and these errors don't show up for anonymous visitors (ie the overwhelming majority of users). I'm not too keen to further weaken the CSP if that's just cosmetic; would rather use the errors as a reminder to harden it. -- Guilhem. -- To unsubscribe e-mail to: website+unsubscribe@global.libreoffice.org Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/global/website/ Privacy Policy: https://www.documentfoundation.org/privacy